A vulnerability was found in postcss up to 7.1.1 and classified as problematic . Affected is the function toString of the file src/selectors/container.js of the component AST Serialization . Executing a manipulation can lead to uncontrolled recursion. This vulnerability is registered as CVE-2026-9358 . It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor explains, that according to his definition "DoS on server-side on user-generated CSS is low risk for